Automattic
Security Scorecard
Score
68C
Total CVEs
221
Patch Rate
49%
108 patched
Avg Response
40d
days to patch
Critical Gaps
0
exploitable, no detection
Severity Breakdown
Critical10
High30
Medium181
Low0
Patch Status
Patched108 (49%)
Partial/Workaround1 (0%)
Unpatched112 (51%)
CVEs (273)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-11564 | - | Medium | 5.3 | 55d | Unpatched |
| CVE-2025-10637 | - | Medium | 5.3 | 55d | Unpatched |
| CVE-2025-10737 | - | Medium | 6.4 | 55d | Unpatched |
| CVE-2025-11257 | - | Medium | 4.3 | 56d | Unpatched |
| CVE-2025-12136 | - | Medium | 6.8 | 56d | Unpatched |
| CVE-2025-8427 | - | Medium | 6.4 | 57d | Unpatched |
| CVE-2025-11819 | - | Medium | 6.4 | 58d | Unpatched |
| CVE-2025-49959 | bbPress Move Topics Cross-site Scripting Vulnerability | High | 7.1 | 90d | Unpatched |
| CVE-2025-49962 | BBPress Notify XSS | High | 7.1 | 90d | Unpatched |
| CVE-2025-62022 | BuddyPress Auth Bypass | High | 7.5 | 90d | Unpatched |